Breadcrumb

Your car provides you with more than just transportation. And criminals want at that information.

Ryan Francis Jul 25th 2016

Our vehicles contain critical personal information such as our personal contacts, registration and insurance details, financial information and even the address to our home – making entry, theft and further damage even more of a possibility. Our vehicles are truly an extension of one’s connected self and the technology associated with them offers substantial benefits.

With the emergence of sophisticated technology, the nature of vehicle theft has changed. A major adversary of today’s vehicle owner is a smarter, connected and more targeted network of criminals, known as ‘Connected Vehicle Thieves’. LoJack, provider of vehicle theft recovery and advanced fleet management solutions, shows how these New Age thieves can take advantage of the technology in vehicles.

“Car cloning” is an advanced form of vehicle theft, where savvy thieves create and install a fake vehicle identification number (VIN) for a stolen vehicle, allowing it to go unnoticed in plain sight. This method is primarily used to take high-end luxury vehicles and sell them overseas for profit, remaining undetected. Hackers can then use the purloined VINs to alter ownership forms, or to create false new documents to hide a stolen car’s true identity.

One growing and increasingly lucrative type of cybercrime is the use of ransomware, where inserted malware encrypts digital data and instructs a victim to pay the criminal a ransom to restore the decrypted information. With the emergence of the connected car and vehicles being used as WiFi hot spots, vehicle-enabled ransomware is a predictable next step for hackers, exploiting this new avenue to commit digital “kidnapping”. For example, in the near future, they could easily break into a vehicle, disable the engine and brakes, and demand bitcoin to restore the car to its functional state.

Connected vehicle thieves have begun carrying scanner boxes, or devices that can exploit the electronic system utilized by key fobs. These criminals can then unlock, and even start, a vehicle without even touching the key. Once the key comes in close enough range to the scanner box and is compromised. This problem has been particularly noted in Washington state.

As LoJack’s 2015 Vehicle Recovery Report demonstrates, today’s thieves are increasingly part of larger, organized crime rings targeting higher value vehicles that can then be cut up for parts, re-sold or even shipped overseas. These luxury vehicles are valued over $30,000, and some of the top vehicle models recovered in 2015 included Land Rover Range Rover, Ford F-Series, and BMW X-Series. These theft rings often utilize complex schemes, such as acquiring and copying smart keys and using stolen credit reports and false identities to illegally finance vehicles.

Remote hacking made headlines last year with the infamous takeover of a Jeep Cherokee caught on video, highlighting that connected car thieves view wireless networks as the weakest link in high-tech vehicles. Features that are common in most modern vehicles, like restaurant guides and built-in GPS, are connected to a telecommunications network. As a result, modern vehicles are vulnerable to a debilitating cybersecurity attack or, worse, a complete navigation takeover.

These days, connected cars carry more information and personal data than ever before, making identity theft a more serious threat. Thieves are targeting your vehicle, but also the data within it, which could lead to credit card details, location information, Social Security numbers, and personal IDs like drivers’ licenses. Once this information is obtained, it’s possible for a hacker to access any of your online accounts.